5 Reasons Why Employee Information Management is Hard
1. HR, Finance and IT All keep their own Databases
Employee information is kept by many groups within a company. It starts with information gathered by HR during the recruiting and hiring process. Finance also maintains employee information for payroll or equity information, and IT keeps employee information for user credentials for email, single sign-on (SSO), employee notifications, and other core IT services. These groups all maintain their employee information for different reasons and in different systems.
Most of the information, though, is redundant and often incomplete. This quickly leads to a drift in information accuracy as the information in the systems are inevitably not maintained in the same way and same time.
2. The data is sensitive to store and access
Employee information is inherently sensitive and private, whether it is medical, financial, phone numbers, personal email, or home address. Employees expect a certain level of privacy in the way their information is handled by their employer. If the data is not stored and shared properly, this can lead to an unhappy employee at best and a legal and financial issue at worst.
3. No Single Group Owns Employee Information
Like a lot of information of other types within a company, no one completely “owns” employee information. HR is the logical owner of a lot of employee information, but IT is usually information security so it owns employee credentials to all or most systems and applications within the company. Similarly, finance also maintains sensitive stock ownership information that logically belongs with them. This creates complexity in how and where employee data is maintained. Mobile numbers and personal emails, for instance, are typically stored in every system that asks for employee information. When conflicts inevitably arise, which data is correct?
4. Employee information changes rapidly
Every time an employee moves, changes banks, changes their personal email, works on a new customer, gains a new certification or skill – their information changes. As employees come and go from a company, their information needs to be added and removed also. The number of small changes per employee and across all employees adds up quickly and different systems get of out sync rapidly. Traditional approaches create multiple portals or web forms for “Change of Address”, “Bank Change”, “Password change” – employees get overwhelmed with too many places to update the same information and usually only update what is easy and necessary.
5. Regulations and compliance are tough to navigate
There are a number of other regulations that govern employee data including the Health Insurance Portability and Accountability Act (HIPAA), the Americans with Disabilities Act, the Fair and Accurate Credit Transactions Act (FACT Act) and the Fair Credit Reporting Act (FCRA). Most people think of General Data Privacy Regulation (GDPR) and California Consumer Privacy Act (CCPA) are privacy regulations for consumer data but they apply to employee data also. There are also regulations covering employee data privacy that are in the law-making process in state governments across the U.S. Tracking these regulations and implementing the information systems that follow the regulations puts tremendous pressure on updating all the disparate systems and services used by a company.
What to do?
Companies need to declare an owner of the employee information repository and the rules for which groups have access to what parts of the repository data. This reduces the cost complexity of maintaining the information and can enable the ROI of applications that are important but hard to justify – such as an employee mass notification system.
Technically, implementing a hybrid integration layer (HIL) that consolidates data and applies dynamic transformations and security policies provides the basic infrastructure needed to put the company policies and processes into operation. An effective implementation includes connectors to all the systems used by HR, IT, finance, and any other group using the employee information. It also should provide the capability for employees to review and update their own information, while also enabling others within the company to securely and privately access data to enable better collaboration and information sharing across the company.